End-of-Shift report
Timeframe: Wednesday 13-05-2015 18:00 − Friday 15-05-2015 18:00
Handler: Alexander Riepl
Co-Handler: n/a
Multiple vulnerabilities in Cisco products
http://tools.cisco.com/security/center/viewAlert.x?alertId=38789
http://tools.cisco.com/security/center/viewAlert.x?alertId=38808
http://tools.cisco.com/security/center/viewAlert.x?alertId=38811
http://tools.cisco.com/security/center/viewAlert.x?alertId=38833
http://tools.cisco.com/security/center/viewAlert.x?alertId=38864
http://tools.cisco.com/security/center/viewAlert.x?alertId=38865
http://tools.cisco.com/security/center/viewAlert.x?alertId=38866
http://tools.cisco.com/security/center/viewAlert.x?alertId=38869
http://tools.cisco.com/security/center/viewAlert.x?alertId=38868
Multiple vulnerabilities in Loxone Smart Home (part 2)
The Loxone Smart Home vulnerabilities published in February 2015 (SA-20150227-0) have not been fixed entirely and can still be exploited. Furthermore, new security issues have been identified.
https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20150514-0_Loxone_Smart_Home_Multiple_Vulnerabilities_part2_v10.txt
Openlitespeed <= 1.3.10 Multiple Vulnerabilities
http://cxsecurity.com/issue/WLB-2015050096
Hospira LifeCare PCA Infusion System Vulnerabilities (Update A)
This updated advisory is a follow-up to the original advisory titled ICSA-15-125-01 Hospira LifeCare PCA Infusion System Vulnerabilities that was published May 5, 2015, on the NCCIC/ICS-CERT web site. This advisory provides compensating measures for an improper authorization vulnerability and an insufficient verification ..
https://ics-cert.us-cert.gov/advisories/ICSA-15-125-01A
Organizational Challenges in the Internet of Things
As a result of the increase in cyber-attacks launched by nation-states, cybercriminals, hacktivist groups and other entities, it has become increasingly important to understand the ecosystem of hardware, O/S, software, and services that are used in each organization's network, including ..
http://blog.trendmicro.com/trendlabs-security-intelligence/organizational-challenges-in-the-internet-of-things/
Mobile Spy Software Maker mSpy Hacked, Customer Data Leaked
mSpy, the makers of a dubious software-as-a-service product that claims to help more than two million people spy on the mobile devices of their kids and partners, appears to have been massively hacked. Last week, a huge trove of data apparently stolen from the company's servers was posted on the Dark Web, ..
http://krebsonsecurity.com/2015/05/mobile-spy-software-maker-mspy-hacked-customer-data-leaked
Vulnerabilities in PHPMyAdmin
http://www.phpmyadmin.net/home_page/security/PMASA-2015-3.php
http://www.phpmyadmin.net/home_page/security/PMASA-2015-2.php
Criticism of missing security features in the Apple Watch
The Apple Watch can be reset without knowing the device passcode; unlike the iPhone and iPad, however, there is no Activation Lock to prevent a thief from setting the device up afresh.
http://heise.de/-2650499
Extortionists threaten numerous German shops with DDoS attacks
A wave of extortion is unsettling operators of German online shops: those who do not pay may lose customers. What to do?
http://heise.de/-2650465
McAfee's cleanup tool Stinger installs a hidden watchdog
Anyone who uses McAfee's scan tool "Stinger" to clean their PC gets a beta-stage antivirus monitor foisted on them without being asked. There is no opt-out.
http://heise.de/-2645759
Hacking communities in the Deep Web
The role of hackers has changed over the years: in the past these professionals were viewed as dangerous criminals that needed to be kept at arm's length, while today they are highly sought after by private companies, intelligence ..
http://resources.infosecinstitute.com/hacking-communities-in-the-deep-web/
SAP LZC LZH Compression Multiple Vulnerabilities
SAP products make use of a proprietary implementation of the Lempel-Ziv-Thomas (LZC) adaptive dictionary compression algorithm and the Lempel-Ziv-Huffman (LZH) compression algorithm [1]. These compression algorithms are used across several SAP products and programs. Vulnerabilities were found in the ..
http://www.coresecurity.com/advisories/sap-lzc-lzh-compression-multiple-vulnerabilities
Latest Microsoft Security Intelligence Report Now Available
This volume of the SIR focuses on the second half of 2014 and contains longer term trend data as well. SIR volume 18 contains data, insights and practical guidance on a range of global and regional cybersecurity threats including vulnerability disclosures, malware and unwanted software including the latest on ..
http://blogs.microsoft.com/cybertrust/2015/05/14/latest-microsoft-security-intelligence-report-now-available-3/
If You're Typing the Word MCRYPT Into Your Code, You're Doing It Wrong
Foreword: You probably should not be deploying your own cryptography to begin with, especially if you don't already understand that encryption is not authentication. For production systems, use PECL libsodium or defuse/php-encryption and save yourself the headache. The rest of this post is intended for PHP developers who still want to write their own cryptography code, or already have.
https://paragonie.com/blog/2015/05/if-you-re-typing-word-mcrypt-into-your-code-you-re-doing-it-wrong
One year of DANE Tales and Lessons Learned
https://ripe70.ripe.net/presentations/183-dane-ripe.pdf
Cylance SPEAR Team: A Threat Actor Resurfaces
Attackers typically shut down campaigns or halt activity after they are exposed by security researchers, thereby creating the impression they have dropped off the map. This often leads to a false sense of security within the community and perpetuates the idea that public exposure makes us all safer. While the ..
http://blog.cylance.com/spear-a-threat-actor-resurfaces